SonicWall Guide

Use this guide to integrate Cybora with SonicWall using Dynamic External Address Groups and Dynamic External Address Objects. This is the native SonicOS approach for consuming an external IP or FQDN feed and applying it in policy.

What SonicWall can do with a Cybora feed

• SonicWall can download an external feed into a Dynamic External Address Group (DEAG).
• The downloaded entries are represented internally as Dynamic External Address Objects (DEAOs).
• The resulting dynamic group can then be used in classic access rules or policy-mode security policies.
• This workflow is well suited to IP-based feeds and can also support FQDN-based workflows where appropriate.

Before you start

• Use a SonicOS release that supports Dynamic Groups and Dynamic External Objects.
• Make sure the firewall can reach your Cybora feed URL over the required network path.
• Decide whether your feed should be treated as an IP-based or FQDN-based dynamic group.
• Plan where you want the group enforced so you can choose the correct zone and policy placement.

Create the dynamic external group

1. Go to the Dynamic Group or Dynamic External Objects section in SonicOS.
2. Add a new Dynamic External Address Group.
3. Enter a clear name for the group.
4. Select the relevant zone assignment.
5. Enable FQDN only if your feed is intended to populate FQDN-based dynamic objects.
6. Enable periodic download.
7. Paste the Cybora feed URL into the external source field.
8. Choose a download interval that matches your Cybora plan as closely as your SonicOS release allows. Do not configure the firewall to poll the feed more often than your plan permits. Only one request is allowed within the permitted interval, and excessive polling may cause the feed to be blocked.
9. Save the dynamic group and confirm that the initial download succeeds.

Apply the group in policy

1. In Classic Mode, use the dynamic group in an Access Rule.
2. In Policy Mode, use the dynamic group in the relevant Security Policy.
3. Configure the rule action so matching traffic is blocked or otherwise handled according to your security policy.
4. Enable logging so you can confirm matches and troubleshoot policy behavior.

Validation

1. Confirm that the dynamic group downloaded successfully.
2. Check the object status indicator or comments section for download health.
3. Verify that the dynamic group is referenced in the intended access rule or security policy.
4. Test with known matching traffic and review the resulting rule or policy logs.

Further reading

• Dynamic Group
• Adding Dynamic External Objects
• Applying Dynamic External Objects
• What are dynamic external objects/groups and how can we configure it?